phtheven

joined 7 months ago
[–] phtheven@lemmy.world 2 points 5 days ago

I found this:

https://github.com/signalapp/Signal-Desktop/blob/main/reproducible-builds/README.md

Looks like they're working on reproducibility, at least in the desktop app. That's a little disappointing but I guess I'm happy they're working on it.

[–] phtheven@lemmy.world 1 points 5 days ago (1 children)

Neat! And can this be done with Signal or Proton?

[–] phtheven@lemmy.world 2 points 5 days ago

In the end I have to choose between some shady company or some guy with a homelab. I guess I'll choose the one who isn't financially incentivized to screw me over.

[–] phtheven@lemmy.world 2 points 5 days ago (8 children)

By this logic, can we trust any open source software, even if they claim to use some third party encryption? They could say they're using a super secure encryption, even show it implemented in their open source code base, then just put the other, secret evil backdoor code base in production? Is there a way for any open source project to prove that the code in their open source repo is the code in production?

[–] phtheven@lemmy.world 12 points 5 days ago* (last edited 5 days ago) (13 children)

Okay Old Fashioned, but doesn't open source encryption audited by a third party solve this problem? Signal protocol for example? Also Proton, I'm guessing, but I'm too lazy to check.